As noted earlier, fraudulent links will sometimes take a user to a fake login page, hoping they will type in their real user id and password so criminals can harvest them. Because it is not a real login, the page might only freeze, or repeatedly ask for the same information, or do other things rather than admit the user inside the site as expected.
The user might think the site is experiencing problems, or that they have forgotten their password. That is possible, but any time one is typing in credentials that should work and are not, be suspicious. It could be a site which is not connected to the real one.
Any time one suspects they have been tricked and disclosed personal information, they should not panic or beat themselves up. Instead, manually go to the real site intended, login, and immediately change the password. If it is done quickly enough, it could eliminate the risk from a hacker, although they can be very fast in exploiting those credentials. Contacting the institution by phone can sometimes enable blocks and other safeguards to be put onto accounts to increase safety.